NEWS > Lab
May 03, 2021
QR Code reconstruction
Reconstructing a QR Code from partially censored images.
January 28, 2021
Advisory X41-2021-001: Multiple Vulnerabilities in YARA
Luis Merino of X41 discovered multiple vulnerabilities in YARA
December 21, 2020
Microsoft Exchange Remote Code Execution - CVE-2020-16875
The patch for CVE-2020-16875 in Microsoft Exchange can bypassed to gain remote code execution again.
September 22, 2020
Decompressing Xamarin DLLs
Solving a small decompression challenge during an audit
July 15, 2020
bspatch strikes back
The tale of a forgotten bug in bspatch.
July 09, 2020
Advisory X41-2020-006: Memory Corruption Vulnerability in bspatch
Luis Merino of X41 discovered an unpatched vulnerability in some bspatch upstream and some forks
June 18, 2020
Advisory X41-2020-002: Multiple Vulnerabilities in Psyprax 3.1.2.2
Eric Sesterhenn of X41 discovered multiple vulnerabilities in psyprax 3.1.2.2
June 15, 2020
Vulnerabilities and Coordinated Disclosure
How X41 deals with coordinated disclosure in light of recent vulnerabilities found in medical software
April 23, 2020
Advisory X41-2019-008: Vulnerable Components used by Cerner medico
X41 discovered security vulnerabilities in Cerner medico components
April 08, 2020
Advisory X41-2019-007: Cleartext Credentials in GeDoWin Geburt
Niklas Abel of X41 discovered cleartext credentials in GeDoWin Geburt 2019.2
April 02, 2020
Advisory X41-2020-004: Multiple Vulnerabilities in Medical Office
Eric Sesterhenn of X41 discovered multiple vulnerabilities in Indamed Medical Office
April 01, 2020
Advisory X41-2020-003: Multiple Vulnerabilities in Epikur
Eric Sesterhenn of X41 discovered multiple vulnerabilities in Epikur
March 25, 2020
Advisory X41-2020-005: Insufficient Password Protection in Smarty
Eric Sesterhenn of X41 discovered that smarty stores passwords in a recoverable way.
March 03, 2020
Advisory X41-2020-001: DLL Sideloading Vulnerability in Hasomed Elefant 20.01.01 Installer
Eric Sesterhenn of X41 discovered a DLL sideloading vulnerability in the Hasomed Elefant 20.01.01 installer.
December 11, 2019
X41 finished Unbound DNS Server Audit
X41 has finished auditing the unbound DNS server and is releasing the resulting report.
November 19, 2019
X41 finds Shell Injection in Unbound ipsecmod
X41 is currently auditing the unbound DNS server and found a severe issue that allows remote code execution in the opsecmod module.
October 02, 2019
X41 Teams up With Medical Tribune to Check the Security of Medical Practices in Germany
X41 had a look at the security level of medical practices in Germany
June 13, 2019
Advisory X41-2019-004: Type confusion in Thunderbird
Luis Merino of X41 discovered a type confusion in Thunderbird
June 13, 2019
Advisory X41-2019-003: Stack-based buffer overflow in Thunderbird
Luis Merino of X41 discovered a stack-based buffer overflow in Thunderbird
June 13, 2019
Advisory X41-2019-002: Heap-based buffer overflow in Thunderbird
Luis Merino of X41 discovered a heap-based buffer overflow in Thunderbird
